X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fui%2Fui_controls.inc;h=c2dbae05a715440633230fafe231d2850d931d24;hb=df660a601cabb0afe7f3246884f16207b9a0c314;hp=d851544c524358f057043e133528508c65c0758f;hpb=b17df731b4bb055c2fdd568bc4be9e5caa0ee07b;p=fa-stable.git diff --git a/includes/ui/ui_controls.inc b/includes/ui/ui_controls.inc index d851544c..c2dbae05 100644 --- a/includes/ui/ui_controls.inc +++ b/includes/ui/ui_controls.inc @@ -1,29 +1,51 @@ . + See the License here . ***********************************************************************/ +/* + Retrieve value of POST variable(s). + For $name passed as array $dflt is not used, + default values can be passed as values with non-numeric keys instead. + If some field have user formatted numeric value, pass float default value to + convert automatically to POSIX. +*/ +function get_post($name, $dflt='') +{ + if (is_array($name)) { + $ret = array(); + foreach($name as $key => $dflt) + if (!is_numeric($key)) { + $ret[$key] = is_numeric($dflt) ? input_num($key, $dflt) : get_post($key, $dflt); + } else { + $ret[$dflt] = get_post($dflt, null); + } + return $ret; + } else + return is_float($dflt) ? input_num($name, $dflt) : + ((!isset($_POST[$name]) /*|| $_POST[$name] === ''*/) ? $dflt : $_POST[$name]); +} //--------------------------------------------------------------------------------- +$form_nested = -1; -function start_form($multi=false, $sid=false, $action="", $name="") +function start_form($multi=false, $dummy=false, $action="", $name="") { + // $dummy - leaved for compatibility with 2.0 API + global $form_nested; + + if (++$form_nested) return; + if ($name != "") $name = "name='$name'"; if ($action == "") $action = $_SERVER['PHP_SELF']; - if ($sid) - { - if (strpos($action, "?")) - $action .= "&" . SID; - else - $action .= "?" . SID; - } + if ($multi) echo "
\n"; else @@ -31,40 +53,119 @@ function start_form($multi=false, $sid=false, $action="", $name="") } +/* + Flush hidden fields buffer. +*/ +function output_hidden() +{ + global $hidden_fields; + + if (is_array($hidden_fields)) + echo implode('', $hidden_fields); + $hidden_fields = array(); +} //--------------------------------------------------------------------------------- function end_form($breaks=0) { + global $Ajax, $form_nested, $hidden_fields; + + if ($form_nested-- > 0) return; + + $_SESSION['csrf_token'] = random_id(); if ($breaks) br($breaks); - echo "\n"; + hidden('_focus'); + hidden('_modified', get_post('_modified', 0)); + hidden('_confirmed'); // helper for final form confirmation + hidden('_token', $_SESSION['csrf_token']); + + output_hidden(); echo "
\n"; + $Ajax->activate('_token'); + $Ajax->activate('_confirmed'); +} + +function check_csrf_token() +{ + if ($_SESSION['csrf_token'] != @$_POST['_token']) + { + display_error(_("Request from outside of this page is forbidden.")); + error_log(_("CSRF attack detected from: ").@$_SERVER['HTTP_HOST'].' ('.@$_SERVER['HTTP_REFERER'].')'); + return false; + } + return true; } -function start_table($extra="", $padding='2', $spacing='0') +function start_table($class=false, $extra="", $padding='2', $spacing='0') { echo "
\n"; + echo " cellpadding='$padding' cellspacing='$spacing'>\n"; } function end_table($breaks=0) { echo "
\n"; + output_hidden(); if ($breaks) br($breaks); } -function meta_forward($forward_to, $params="") +function start_outer_table($class=false, $extra="", $padding='2', $spacing='0', $br=false) +{ + if ($br) + br(); + start_table($class, $extra, $padding, $spacing); + echo "\n"; // outer table +} + +function table_section($number=1, $width=false) +{ + if ($number > 1) + { + echo "\n"; + output_hidden(); + $width = ($width ? "width='$width'" : ""); + echo "\n"; // outer table + } + echo "\n"; +} + +function end_outer_table($breaks=0, $close_table=true) +{ + if ($close_table) + { + echo "
\n"; + output_hidden(); + } + echo "\n"; + end_table($breaks); +} +// +// outer table spacer +// +function vertical_space($params='') +{ + echo ""; +} + +function meta_forward($forward_to, $params="", $timeout=0, $return=false) { global $Ajax; - echo "\n"; + echo "\n"; echo "

" . _("You should automatically be forwarded."); echo " " . _("If this does not happen") . " " . "" . _("click here") . " " . _("to continue") . ".

\n"; if ($params !='') $params = '?'.$params; $Ajax->redirect($forward_to.$params); - exit; + if (!$return) exit; } //----------------------------------------------------------------------------------- @@ -90,12 +191,30 @@ function access_string($label, $clean=false) return $clean ? $label : array($label, $access); } -function hyperlink_back($center=true) +function hyperlink_back($center=true, $no_menu=true, $type_no=0, $trans_no=0, $final=false) { + global $path_to_root; + if ($center) echo "
"; - //echo ""._("Back")."\n"; - echo "

"._("Back")."

\n"; + $id = 0; + if ($no_menu && $trans_no != 0) + { + include_once($path_to_root."/admin/db/attachments_db.inc"); + $id = has_attachment($type_no, $trans_no); + $attach = get_attachment_string($type_no, $trans_no); + echo $attach; + } + $width = ($id != 0 ? "30%" : "20%"); + start_table(false, "width='$width'"); + start_row(); + if ($no_menu) + { + echo ""._("Print")."\n"; + } + echo "".($no_menu ? _("Close") : _("Back"))."\n"; + end_row(); + end_table(); if ($center) echo "
"; echo "
"; @@ -103,10 +222,13 @@ function hyperlink_back($center=true) function hyperlink_no_params($target, $label, $center=true) { + $id = default_focus(); $pars = access_string($label); + if ($target == '') + $target = $_SERVER['PHP_SELF']; if ($center) echo "
"; - echo "$pars[0]\n"; + echo "$pars[0]\n"; if ($center) echo "
"; } @@ -118,14 +240,68 @@ function hyperlink_no_params_td($target, $label) echo "\n"; } +function viewer_link($label, $url='', $class='', $id='', $icon=null) +{ + global $path_to_root; + + if ($class != '') + $class = " class='$class'"; + + if ($id != '') + $class = " id='$id'"; + + if ($url != "") + { + $pars = access_string($label); + if (user_graphic_links() && $icon) + $pars[0] = set_icon($icon, $pars[0]); + $preview_str = "$pars[0]"; + } + else + $preview_str = $label; + return $preview_str; +} + +function menu_link($url, $label, $id=null) +{ + global $path_to_root; + + $id = default_focus($id); + $pars = access_string($label); + + if ($url[0] != '/') + $url = '/'.$url; + $url = $path_to_root.$url; + + return "$pars[0]"; +} + +function submenu_option($title, $url, $id=null) +{ + display_note( menu_link($url, $title, $id), 0, 1); +} + +function submenu_view($title, $type, $number, $id=null) +{ + display_note(get_trans_view_str($type, $number, $title, false, 'viewlink', $id), 0, 1); +} + +function submenu_print($title, $type, $number, $id=null, $email=0, $extra=0) +{ + display_note(print_document_link($number, $title, true, $type, false, 'printlink', $id, $email, $extra), 0, 1); +} //----------------------------------------------------------------------------------- function hyperlink_params($target, $label, $params, $center=true) { + $id = default_focus(); + $pars = access_string($label); + if ($target == '') + $target = $_SERVER['PHP_SELF']; if ($center) echo "
"; - echo "$pars[0]\n"; + echo "$pars[0]\n"; if ($center) echo "
"; } @@ -141,10 +317,12 @@ function hyperlink_params_td($target, $label, $params) function hyperlink_params_separate($target, $label, $params, $center=false) { + $id = default_focus(); + $pars = access_string($label); if ($center) echo "
"; - echo "$pars[0]\n"; + echo "$pars[0]\n"; if ($center) echo "
"; } @@ -158,77 +336,34 @@ function hyperlink_params_separate_td($target, $label, $params) //-------------------------------------------------------------------------------------------------- -function alt_table_row_color(&$k) +function alt_table_row_color(&$k, $extra_class=null) { + $classes = $extra_class ? array($extra_class) : array(); if ($k == 1) { - echo "\n"; + array_push($classes, 'oddrow'); $k = 0; } else { - echo "\n"; + array_push($classes, 'evenrow'); $k++; } + echo "\n"; } -function table_section_title($msg) +function table_section_title($msg, $colspan=2) { - echo "$msg\n"; + echo "$msg\n"; } -function table_header($labels) +function table_header($labels, $params='') { start_row(); foreach ($labels as $label) - labelheader_cell($label); + labelheader_cell($label, $params); end_row(); } - -//----------------------------------------------------------------------------------- - -function set_icon($icon, $title=false) -{ - global $path_to_root; - return "\n"; -} - -function button($name, $value, $title=false, $icon=false) -{ - // php silently changes dots,spaces,'[' and characters 128-159 - // to underscore in POST names, to maintain compatibility with register_globals - if (user_graphic_links() && $icon) - { - if ($value == _("Delete")) // Helper during implementation - $icon = ICON_DELETE; - echo "\n" + ."\n" ); + } + + $str .= "\n"; + $str .= "
\n"; + $str .= "\n"; + $str .= "
\n"; + echo $str; } +function tabbed_content_end() { + output_hidden(); + echo "
"; // content box (don't change to div_end() unless div_start() is used above) + div_end(); // tabs widget +} + +function tab_changed($name) +{ + $to = find_submit("{$name}_", false); + if (!$to) return null; + + return array('from' => $from = get_post("_{$name}_sel"), + 'to' => $to); +} +/* + Check whether tab has been just switched on +*/ +function tab_opened($name, $tab) +{ + return (get_post('_'.$name.'_sel') != $tab) && (find_submit($name.'_', false) == $tab); +} +/* + Check whether tab has been just switched off +*/ +function tab_closed($name, $tab) +{ + return (get_post('_'.$name.'_sel') == $tab) && (find_submit($name.'_', false) != $tab); +} +/* + Check whether tab is visible on current page +*/ +function tab_visible($name, $tab) +{ + $new = find_submit($name.'_', false); + return (get_post('_'.$name.'_sel') == $tab && !$new) || $new==$tab; +} + +/* Table editor interfaces. Key is editor type + 0 => url of editor page + 1 => hotkey code + 2 => context help +*/ +$popup_editors = array( + 'customer' => array('/sales/manage/customers.php?debtor_no=', + 113, _("Customers"), 900, 600), + 'branch' => array('/sales/manage/customer_branches.php?SelectedBranch=', + 114, _("Branches"), 900, 700), + 'supplier' => array('/purchasing/manage/suppliers.php?supplier_id=', + 113, _("Suppliers"), 900, 700), + 'item' => array('/inventory/manage/items.php?stock_id=', + 115, _("Items"), 800, 600), + 'fa_item' => array('/inventory/manage/items.php?FixedAsset=1&stock_id=', + 115, _("Items"), 800, 600) +); +/* + Bind editors for various selectors. + $type - type of editor + $input - name of related input field + $caller - optional function key code (available values F1-F12: 112-123, + true: default) +*/ +function set_editor($type, $input, $caller=true) +{ + global $path_to_root, $Editors, $popup_editors, $Pagehelp; + + $key = $caller===true ? $popup_editors[$type][1] : $caller; + + $Editors[$key] = array( $path_to_root . $popup_editors[$type][0], $input, + $popup_editors[$type][3], $popup_editors[$type][4]); + + $help = 'F' . ($key - 111) . ' - '; + $help .= $popup_editors[$type][2]; + $Pagehelp[] = $help; +} +//------------------------------------------------------------------------------ +// Procedures below are now obsolete. Preserved for eventual future use. + /* External page call with saving current context. $call - url of external page @@ -345,12 +602,92 @@ function context_reset() { $_SESSION['Context'] = array(); } - /* Context stack initialization */ if (!isset($_SESSION['Context'])) { context_reset(); } +/* + Redirector for selector F4 calls. + $sel_editors is array of selname=>editor_page +*/ +function editor_redirect($sel_editors, $save_fun='') { + foreach ($sel_editors as $selname=>$editor) + if (isset($_POST['_'.$selname.'_editor'])) { + if (function_exists($save_fun)) + $save_fun(); + unset($_POST['_'.$selname.'_editor']); + context_call($editor, array_keys($_POST)); + } +} +/* + Return procedure for selector F4 calls +*/ +function editor_return($vars, $restore_fun='') { + if (function_exists($restore_fun)) + $restore_fun(); + + if ($ret = context_restore()) { + foreach ($vars as $postname=>$retname) + if (isset($ret[$retname])) { + $_POST[$postname] = $ret[$retname]; + set_focus($postname); + } + } +} + +function confirm_dialog($submit, $msg) { + if (find_post($submit)) { + display_warning($msg); + br(); + submit_center_first('DialogConfirm', _("Proceed"), '', true); + submit_center_last('DialogCancel', _("Cancel"), '', 'cancel'); + return 0; + } else + return get_post('DialogConfirm', 0); +} +/* + Confirm dialog to be used optionally in final form checking routine. + Displays warning conditionally unless it was displayed +*/ +function display_confirmation($msg) +{ + global $Ajax; -?> \ No newline at end of file + if (!get_post('_confirmed')) + { + $_POST['_confirmed'] = 1; + display_warning($msg); + return false; + } else + return true; +} +/* + Block menu/shortcut links during transaction procesing. +*/ +function page_processing($msg = false) +{ + global $Ajax; + + if ($msg === true) + $msg = _("Entered data has not been saved yet.\nDo you want to abandon changes?"); + + $js = "_validate._processing=" . ( + $msg ? '\''.strtr($msg, array("\n"=>'\\n')) . '\';' : 'null;'); + if (in_ajax()) { + $Ajax->addScript(true, $js); + } else + add_js_source($js); +} + +function page_modified($status = true) +{ + global $Ajax; + + $js = "_validate._modified=" . ($status ? 1:0).';'; + if (in_ajax()) { + $Ajax->addScript(true, $js); + } else + add_js_source($js); +}